What is the value of attending the SecureWorld Expo? I have been thinking about that a bit lately and have come to a few conclusions. I will preface my arguement by saying that the SecureWorld Expo experience is invaluable to everyone. No, I am not limiting it to I.T. folks. As more and more people become educated about how important it is to have a positive security posture, the better things will be for everyone involved. Well everyone except for the hackers of course!

I am stating the obvious here I know, but how many of you out there have worked at places where people guard their security knowledge like it’s KFC’s secret recipe for chicken? Have you ever had to work with a security expert that can tell you every law of governance, but never truly explain WHY those laws are in place? Ever talk to a business partner not in I.T. that just didn’t get why the web applications needed to be protected by a web application firewall or why ALL the ports on the firewall couldn’t be opened up? I talked to a large number of people that worked at well known companies and each said that is the case where they work. Of the group I talked to it was about 50% from the business arena and 50% from the IT side of the house, but they were all there for a common goal….

The SecureWorld Expo is a place where people can go to learn the WHY. Not just I.T. folks, but people from all aspects of business as well. They can talk to industry leaders and experts about things that are going down past, present and future. It is all about translation and communication of the most up-to-date information available. How up-to-date is the information that is covered? The second day of the expo, the speaker Dan Greer came out to the podium and started talking about the SSL Man-in-the-Middle Renegotiation story that just broke in the news. I have to say my hats off to the folks in the DevCentral community to, shortly thereafter, a way to mitigate the attack showed up on DevCentral (Lupo, thanks for your contribution!)… it can be found in the forums at http://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&postid=86456&view=topic

Other than the open sharing and exchange of knowledge, the excellent speakers, free vendor loot and good food, the other thing that is great about the SecureWorld Expo is the fact that you get CPE credits for attending the various events. Depending on the events that you sign up for you can either earn a 12 CPE or a 16 CPE Certificate of Attendance. This is outstanding for those that have CPE requirements to meet and keep up with. Not only can you obtain a lot of CPE’s in a short time, but it is also very cost effective. You definitely get more bang for your buck at a SecureWorld event than you do at many others.